Good enough? Certification and integrity in a rapidly changing industry

Alex Powell

Safety Critical Lead, Volant Autonomy

The current approach to achieving certification within aerospace is inherently expensive and time-consuming, following a process which has ensured an enviable safety record. The introduction of uncrewed aviation systems requires a new paradigm for safety in aerospace and a new role for safety critical software. Pivotal to this change is the importance of the operational context in the risk assessment of uncrewed operations. An uncrewed aircraft does not carry a safety risk in itself; it only poses a risk to the environment in which it operates.

How can the aerospace sector evolve to enable the integration of modern technologies whilst maintaining safe operations?

The Uncrewed Aviation market is set to expand rapidly, but this expansion is being slowed by current approaches to type certification. For a Small Uncrewed Autonomous System (sUAS) operating in a remote environment at low altitude, the investment required to achieve type certification is prohibitive. To realise this market, an overhaul of integration into existing airspace operations is needed.

What is "good enough" for these platforms, and what further developments will be required to unlock more complex operations?

The Specific Operational Risk Assessment (SORA) published by EASA proposes a new methodology for determining the Specific Integrity and Assurance Level (SAIL) for a proposed operation. The methodology is based on the breakdown of flight risk into its core components: air risk and ground risk. These are combined to form the SAIL for the proposed operation. The assurance and integrity levels span operations from a low-weight craft overflying low population densities at low altitude, to a large craft overflying urban areas.

What does this mean for software engineers?

SORA allows for the same risk-based approach to engineering. By adopting a nuanced assessment of the safety requirements for the intended application, engineers can focus on higher integrity levels where needed. As development progresses, individual components can be "swapped out" for the same functionality at a higher integrity level, unlocking new regions of operation.

By focusing on how and where engineering rigour is applied, novel solutions that incrementally increase the integrity of a system mean early adoption of technologies becomes possible, lowering the investment-to-entry barrier.

This creates a positive cycle. Early deployment of higher integrity level technologies on low-risk operations expands the application of those operations. Flying these operations with enabling technologies onboard allows for the development of a safety case for higher SAIL levels. As operations continue and expand, proof of market demand increases, unlocking investment and allowing us to realise the full potential of autonomous flight in integrated airspace.

This talk will explore the trends illustrated by the publication of SORA and the implications for high integrity software engineering of novel technologies. We will review how SORA enables new technologies, such as cloud-based deployment, whilst applying recognised industry standards. Using examples from the real-world application of high-integrity software within a mixed criticality environment, we will address the challenges and discuss new opportunities this regulatory development presents to the high integrity community.

About Alex Powell

Alex Powell is the Safety-Critical Lead at Volant Autonomy, a spin-out from the University of Bath. Volant's mission is enabling the Advanced-Air-Mobility market through technologies supporting the integration of uncrewed aircraft into the airspace. Alex has been involved in safety critical systems from the outset of his career and is looking at how to utilize modern approaches to build safe, robust software.
